
Micro800 – Multiple Vulnerabilities

Severity: Critical
Advisory ID: SD1736
Published Date: August 14, 2025
Last Updated: August 14, 2025
Revision Number: 1.0
Known Exploited Vulnerability (KEV): No
Corrected: Yes
Workaround: No

Download
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON

Summary

Published Date: 8/14/2025 
Last Updated: 8/14/2025 
Revision Number: 1.0 
CVSS Score: 9.8/10

The security of our products is important to us as your chosen industrial automation supplier. This anomaly was found internally during routine testing and is being reported as part of our commitment to customer transparency and to helping customers improve their business or production environments.

AFFECTED PRODUCTS AND SOLUTION

| CVE | Affected Product | First Known in Software Version | Corrected in Software Version |
|---|---|---|---|
| CVE-2023-48691 | PLC Micro820 LC20 | V14.011 and below | Migrate to Micro820 L20E V23.011 and later (this has yet to be released, target to release in Sept 2025) |
| CVE-2023-48691 | PLC Micro850 LC50 | V12.013 and below | Migrate to Micro850 L50E V23.011 and later |
| CVE-2023-48691 | PLC Micro870 LC70 | V12.013 and below | Migrate to Micro870 L70E V23.011 and later |
| CVE-2023-48691 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48691 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48692 | PLC Micro820 LC20 | V14.011 and below | Migrate to Micro820 L20E V23.011 and later (this has yet to be released, target to release in Sept 2025) |
| CVE-2023-48692 | PLC Micro850 LC50 | V12.013 and below | Migrate to Micro850 L50E V23.011 and later |
| CVE-2023-48692 | PLC Micro870 LC70 | V12.013 and below | Migrate to Micro870 L70E V23.011 and later |
| CVE-2023-48692 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48692 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48693 | PLC Micro820 LC20 | V14.011 and below | Migrate to Micro820 L20E V23.011 and later (this has yet to be released, target to release in Sept 2025) |
| CVE-2023-48693 | PLC Micro850 LC50 | V12.013 and below | Migrate to Micro850 L50E V23.011 and later |
| CVE-2023-48693 | PLC Micro870 LC70 | V12.013 and below | Migrate to Micro870 L70E V23.011 and later |
| CVE-2023-48693 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48693 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |
| CVE-2025-7693 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2025-7693 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |

VULNERABILITY DETAILS

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-48691 IMPACT

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause an out-of-bounds write in Azure RTOS NetX Duo that could lead to remote code execution. The affected components include a process related to the IGMP protocol in RTOS v6.2.1 and below. The fix has been included in NetX Duo release 6.3.0. Users are advised to upgrade.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-1395: Dependency on Vulnerable Third-Party Component 
Known Exploited Vulnerability (KEV) database: No

CVE-2023-48692 IMPACT

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NetX Duo. The affected components include processes/functions related to ICMP, TCP, SNMP, DHCP, NAT and FTP in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-1395: Dependency on Vulnerable Third-Party Component 
Known Exploited Vulnerability (KEV) database: No

CVE-2023-48693 IMPACT

Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to a vulnerability in the parameter checking mechanism in Azure RTOS ThreadX, which may lead to privilege escalation. The affected components include RTOS ThreadX v6.2.1 and below. The fixes have been included in ThreadX release 6.3.0. Users are advised to upgrade.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-1395: Dependency on Vulnerable Third-Party Component 
Known Exploited Vulnerability (KEV) database: No

CVE-2025-7693 IMPACT

A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller enters a recoverable fault in which the MS LED and Fault LED flash red and the controller reports fault code 0xF015. To recover, clear the fault.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-20: Improper Input Validation
Known Exploited Vulnerability (KEV) database: No

Mitigations and Workarounds
Users should update to the corrected version if possible. Users of the affected software who are unable to upgrade should apply security best practices.

  • Security Best Practices
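
An added example, not Rockwell Automation code: the affected-products table above expressed as an inventory check that reports which controllers fall inside the listed firmware ranges and which remediation row applies. It assumes inventory records carry the family code from the table (LC20, L50E, ...) and a firmware revision written as `V<major>.<minor>`; `TABLE`, `triage` and the sample inventory are hypothetical names and constructed data.

```python
import re

RTOS = ["CVE-2023-48691", "CVE-2023-48692", "CVE-2023-48693"]
# Rows of the advisory table: family -> (first, last affected, fixed, CVEs, action).
# None means the table gives no bound; versions are (major, minor) tuples.
TABLE = {
    "LC20": (None, (14, 11), None, RTOS, "Migrate to Micro820 L20E V23.011 and later"),
    "LC50": (None, (12, 13), None, RTOS, "Migrate to Micro850 L50E V23.011 and later"),
    "LC70": (None, (12, 13), None, RTOS, "Migrate to Micro870 L70E V23.011 and later"),
    "L50E": ((20, 11), (22, 11), (23, 11), RTOS + ["CVE-2025-7693"], "Update to V23.011 or later"),
    "L70E": ((20, 11), (22, 11), (23, 11), RTOS + ["CVE-2025-7693"], "Update to V23.011 or later"),
}

def parse_version(text):
    """'V12.013' or '12.013' -> (12, 13); ValueError on anything else."""
    m = re.fullmatch(r"\s*[Vv]?\s*(\d+)\.(\d+)\s*", text)
    if m is None:
        raise ValueError(f"unrecognised firmware revision: {text!r}")
    return int(m.group(1)), int(m.group(2))

def triage(family, firmware):
    """Return (status, cves, action); status is affected, fixed, review or not-listed."""
    row = TABLE.get(family.strip().upper())
    if row is None:
        return "not-listed", [], "Family is not in this advisory"
    first, last, fixed, cves, action = row
    try:
        ver = parse_version(firmware)
    except ValueError:
        return "review", cves, "Firmware revision unreadable; check the device"
    if fixed is not None and ver >= fixed:
        return "fixed", [], "No action for this advisory"
    if ver <= last and (first is None or ver >= first):
        return "affected", cves, action
    # Outside every range the table states: do not guess either way.
    return "review", cves, "Revision outside the ranges the advisory lists"

# Constructed sample inventory (asset tag, family, firmware); not real devices.
INVENTORY = [
    ("PLC-A", "LC50", "V12.013"),
    ("PLC-B", "L70E", "V22.011"),
    ("PLC-C", "L50E", "V23.011"),
    ("PLC-D", "LC20", "unknown"),
    ("PLC-E", "L50E", "V22.012"),
]

if __name__ == "__main__":
    for tag, family, fw in INVENTORY:
        status, cves, action = triage(family, fw)
        print(f"{tag} {family} {fw}: {status} {','.join(cves)} -> {action}")
```

Revisions the table does not cover, such as an L50E between V22.011 and V23.011, are returned as `review` rather than assumed safe or vulnerable.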

Glossary:

  • TCP/IP: language computers use to talk to each other on a network or the internet

  • IoT: network of physical devices, such as a thermostat, fridge, or car

  • Remote Code Execution: allows attackers to run arbitrary code on a remote machine, connecting to it over public or private networks

  • IGMP: (Internet Group Management Protocol) Used by IP hosts and adjacent routers to establish multicast group memberships.

  • ICMP: (Internet Control Message Protocol) Used for sending error messages and operational information, such as when a service is unavailable or a host/router cannot be reached.

  • TCP: (Transmission Control Protocol) A connection-oriented protocol that ensures reliable data transmission between devices.

  • SNMP: (Simple Network Management Protocol) Used for collecting and organizing information about managed devices on IP.

  • DHCP: (Dynamic Host Configuration Protocol) Automatically assigns IP addresses and other network configuration parameters to devices on a network, allowing them to communicate effectively.

  • NAT: (Network Address Translation) A method used to remap IP addresses by modifying network address information in packet headers.

  • FTP: (File Transfer Protocol) uses two primary ports for its operations: Port 21 and Port 20. These ports play distinct roles in facilitating file transfers between clients and servers.

  • Parameter: setting or value that helps define how data is transmitted, received, or managed across a network

  • CIP: (Common Industrial Protocol) a communication protocol designed for automation applications in industrial settings

  • Fuzzing: a technique that focuses on discovering vulnerabilities by providing a large amount of random and unexpected data inputs to a software system to trigger faults and find implementation bugs
